org.opensaml.saml1.binding.encoding

Class BaseSAML1MessageEncoder

java.lang.Object

org.opensaml.ws.message.encoder.BaseMessageEncoder

org.opensaml.saml1.binding.encoding.BaseSAML1MessageEncoder

All Implemented Interfaces:

SAMLMessageEncoder, MessageEncoder

Direct Known Subclasses:

HTTPArtifactEncoder, HTTPPostEncoder, HTTPSOAP11Encoder

public abstract class BaseSAML1MessageEncoder
extends BaseMessageEncoder
implements SAMLMessageEncoder

Base class for SAML 1 message encoders.

Constructor Summary

Constructors

Constructor and Description
BaseSAML1MessageEncoder()

Method Summary

Methods

Modifier and Type	Method and Description
List<String>	getAllowedURLSchemes() Gets the unmodifiable list of schemes allowed to appear in URLs related to the encoded message.
protected URLBuilder	getEndpointURL(SAMLMessageContext messageContext) Gets the response URL from the relying party endpoint.
void	setAllowedURLSchemes(String[] schemes) Sets the list of list of schemes allowed to appear in URLs related to the encoded message.
protected void	signMessage(SAMLMessageContext messageContext) Signs the given SAML message if it a SignableSAMLObject and this encoder has signing credentials.

Methods inherited from class org.opensaml.ws.message.encoder.BaseMessageEncoder

doEncode, encode, logEncodedMessage, marshallMessage

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.opensaml.common.binding.encoding.SAMLMessageEncoder

getBindingURI

Methods inherited from interface org.opensaml.ws.message.encoder.MessageEncoder

encode, providesMessageConfidentiality, providesMessageIntegrity

Constructor Detail

BaseSAML1MessageEncoder

public BaseSAML1MessageEncoder()

Method Detail

getAllowedURLSchemes

public List<String> getAllowedURLSchemes()

Gets the unmodifiable list of schemes allowed to appear in URLs related to the encoded message.

Returns:

list of URL schemes allowed to appear in a message

setAllowedURLSchemes

public void setAllowedURLSchemes(String[] schemes)

Sets the list of list of schemes allowed to appear in URLs related to the encoded message. Note, the appearance of schemes such as 'javascript' may open the system up to attacks (e.g. cross-site scripting attacks).

Parameters:

schemes - URL schemes allowed to appear in a message

getEndpointURL

protected URLBuilder getEndpointURL(SAMLMessageContext messageContext)
                             throws MessageEncodingException

Gets the response URL from the relying party endpoint. If the SAML message is a Response and the relying party endpoint contains a response location then that location is returned otherwise the normal endpoint location is returned.

Parameters:

messageContext - current message context

Returns:

response URL from the relying party endpoint

Throws:

MessageEncodingException - throw if no relying party endpoint is available

signMessage

protected void signMessage(SAMLMessageContext messageContext)
                    throws MessageEncodingException

Signs the given SAML message if it a SignableSAMLObject and this encoder has signing credentials.

Parameters:

messageContext - current message context

Throws:

MessageEncodingException - thrown if there is a problem preparing the signature for signing